New RATs Target Windows, Game Utilities for Access

In late February 2026, researchers uncovered a campaign where cybercriminals distribute trojanized gaming utilities via online platforms to deploy a remote access trojan. The Microsoft Threat Intelligence team explained the attack uses a malicious Java downloader and living-off-the-land binaries for stealth. This multi-purpose malware acts as a loader, runner, and RAT to exfiltrate data and deploy other payloads.

The threat also establishes persistence and configures Microsoft Defender exclusions to avoid detection. Consequently, defenders are advised to audit these exclusions and scheduled tasks immediately. Meanwhile, a separate, far more comprehensive threat has emerged on the cybercrime market.

BlackFog disclosed a new Windows RAT family first advertised in November 2025 called Steaelite, marketed as a “best Windows RAT” with fully undetectable capabilities. Security researcher Wendy McCague said it “enables complete double extortion from one tool” by combining ransomware with data theft. The tool can disable antivirus, remove competing malware, and offers extensive features like live streaming and credential theft.

In recent weeks, two other new RAT families have also been discovered. One is the open-source DesckVB RAT available on GitHub, providing remote control capabilities. The other, KazakRAT, is suspected to be the work of a state-affiliated group and has been detailed in a report by Ctrl Alt Intel. This campaign has reportedly been targeting Kazakh and Afghan entities since at least August 2022.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Bitcoin Nears 20K Whales Amid Market Volatility
• LUNC Surges 30% as Lawsuit Sparks Trader Short Squeeze
• New Stablecoin Rules Threaten Coinbase-Circle Deal
• Crypto Market Consolidates: Dip or Rally Ahead?
• Warren: Bank Regulator “Accomplice in Trump Corruption”